<?php
/* this file will handle order deletion or shipping state update */
// load wordpress defaults, make global variables/functions available
$this_file = str_replace( '\\', '/', __FILE__ );
$this_file = explode( 'wp-content', $this_file );
$this_file = $this_file[ 0 ];
require( $this_file . 'wp-blog-header.php' );
header( 'HTTP/1.1 200 OK' );

global $current_user, $wpdb;
get_currentuserinfo();

$dothis      = !empty( $_POST[ 'action' ] ) ? $_POST[ 'action' ] : NULL; // action to take
$itemid      = !empty( $_POST[ 'itemid' ] ) ? intval( $_POST[ 'itemid' ] ) : NULL; // row id
$order_state = $_POST[ 'order_state' ]; // selection

// order state
if( $dothis == 'flag' && $itemid && current_user_can( 'administrator' ) && wp_verify_nonce( $_POST[ 'sofa_suppastore_cc' ], 'chck_ref_cc' ) ) {
	$q_store_string = "UPDATE " . $wpdb->prefix . "purchases_history SET flag_shipped = $order_state WHERE id = $itemid";
	$q_store = $wpdb->query( $wpdb->prepare( $q_store_string ) );
	if( !$q_store ) echo '<p>' . __( "Database error! Please try again later.", "sofa_suppastore" ) . '</p>';
	else echo '<script language="javascript" type="text/javascript">setTimeout( function() { top.location.reload(); }, 100 );</script>';
}
// order delete
if( $dothis == 'delete' && $itemid && current_user_can( 'administrator' ) && wp_verify_nonce( $_POST[ 'sofa_suppastore_cc' ], 'chck_ref_cc' ) ) {
	$q_store_string = "DELETE FROM " . $wpdb->prefix . "purchases_history WHERE id = $itemid";
	$q_store = $wpdb->query( $wpdb->prepare( $q_store_string ) );
	if( !$q_store ) echo '<p>' . __( "Database error! Please try again later.", "sofa_suppastore" ) . '</p>';
	else echo '<script language="javascript" type="text/javascript">setTimeout( function() { top.location.reload(); }, 100 );</script>';
}